﻿using System;
using System.Web;
using System.Web.Mvc;

namespace Lbb.User.Security
{
    /// <summary>
    /// 权限特性
    /// </summary>
    /// <author>Chiron</author>
    public class PermissionAttribute : AuthorizeAttribute
    {
        /// <summary>
        /// 审核权限
        /// </summary>
        /// <param name="operationName">操作名</param>
        public PermissionAttribute(string operationName)
        {
            if (string.IsNullOrWhiteSpace(operationName)) throw new ArgumentNullException("operationName");
            OperationName = operationName;
        }

        /// <summary>
        /// 操作名
        /// </summary>
        public string OperationName { get; protected set; }

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            return PermissionVerifier.Authorize(httpContext.User, OperationName);
        }
    }
}